Louise McGregor Scam File

Spamming in Europe

One reason it’s easy to identify spam in Europe is the challenge of writing in a local language. In one early spamming attempt here in the Netherlands an email purporting to come from a Dutch bank began with the Dutch equivalent of “Darling client”, which put the unsentimental Dutch immediately on their guard.

But today’s spam attempt took the language challenge to a whole new level.

screen grab of the problematic email showing text in Swedish, English, Dutch, Norwegian and Italian

For added fun there are at least a couple of errors in those languages.

So who clicks on the link? There’s a theory that spammers deliberately make their emails bad because they only want to attract gullible people. But I think even the most gullible would spot this!

Louise McGregor social media

Twitter Basics; Part Five

As with any other community on or offline Twitter has its share of malevolent members. Some are merely irritating, some are more distressing and some pose a danger to your reputation.

In this post I’m going to talk about ways to spot some of the fakers, trolls, hackers and scammers, why they exist, and what you can do about them (if anything!)

Fakers

How to spot them

  • incomplete profile, or random statements (see image below)
  • “women in bikini” avatars
  • profile goes somewhere strange
  • ratio of followers to following is less than 1
  • repeat tweets of the same content
  • promises to get you more followers

Here are more signs that an account is fake, and some tools to help you test whether your followers are fake. Unfortunately the creation of these accounts is getting smarter, and the bots behind the accounts have got better at mimicking human behaviour, even twitter can’t always spot them.

Why they exist

The accounts are most likely spam accounts, if you check the profile and the tweets all links published connect to the same marketing site.

It’s possible to buy followers on Twitter, it goes against the terms and conditions of using Twitter, but it’s possible. There’s even a site dedicated to reviewing the various services on offer.

The services are sold as social media marketing; which makes no sense if you’re building an audience of bots. The other sales rationale is that it boosts your online credibility. Well, perhaps, temporarily. Companies doing this often follow genuine accounts in the hope of follow backs to increase their credibility.

What to do

There’s no real risk with these accounts, your follower count is higher and if you follow back your stream has some pointless posts in it. So you can just ignore the accounts. I don’t follow back if an account looks like a spam account. If you sign up to Manage Flitter they identify fake accounts you’re following and allow you to unfollow, the paid subscription allows you to identify fake accounts following you

Trolls

How to spot them

An internet troll has been defined as “an abusive or obnoxious user who uses shock value to promote arguments and disharmony in online communities”. You can spot them by their consistently mean and abusive comments, and their failure to back down or apologise when called on it.

Why they exist

A failure of evolution? The online world reflects the offline world, there are nasty people offline, you can expect them to also be online. Where anonymity is possible online some trolls use it as a shield to hide behind while they post abuse. Some platforms and some subjects are more famous for attracting abusive comments.

What to do

You have four options;

1 Ignore; Trolls thrive on your outrage, if you don’t provide it there’s a chance they’ll go away.

2 Respond; You can respond, challenging the person. It’s unlikely to change their mind or elicit an apology. It’s more like to earn you further abuse and others may join in, escalating it in round after round of competitive abuse.

3 Block; Twitter offers the option to block users, this means you will no longer see their content including tweets those which @ your handle.

4 Report; You can also report users to Twitter if you think their behaviour is abusive or threatening. If you think a threat of violence is credible you should contact your local police. In the UK this has led to arrest and prosecution.

Hackers

How to spot them

The scary thing is you might not know until it’s too late, be alert to any strange activity on your account including multiple password resets.

I spotted a hack going on with tweetdeck one day some years ago. I noticed two very strange tweets, supposedly retweets by me, containing a script which mentioned tweetdeck.

I checked whether anyone else had seen this error and there were already a few tweets reporting a problem with tweetdeck, including one linking to a Mashable article. The good thing about sites like Mashable or Techcrunch is they will report real time on attacks and they have the expertise to analyse the problem and tell you what to do. At that point they were saying there’s been a hack on tweetdeck and advising users to logout. I did, reverting to using twitter through the twitter site, where I checked the tweetdeck twitter account. They were already reporting on the issue.

Why they exist

The hackers want to steal your money, your identity or destroy your reputation. Alternatively they want to blackmail you. Sometimes they want to cause damage a the company by stealing data, and you have the bad luck to hold an account there. Or they could be looking to blackmail a company.

What to do

What you can do comes down to prevention and staying alert.

Prevention; secure your accounts with strong passwords, use different passwords for each site, and use two factor authentication whenever possible. Here are more tips to protect yourself (although there’s debate on whether changing your password really does help).

Stay alert; follow the twitter accounts of the tools you use, if you have doubts check reliable sources such as Mashable, TechCrunch and NakedSecurity. If you are attacked your actions depend on the attack. In the example I gave above from tweetdeck the advice was to log out of everything, when returning Tweetdeck advised a password change.

Scams

How to spot them

There are the usual scams that promise easy money via work from home schemes, and there are those connected to phishing scams, there are those that spread malware.

They’ll often send you a tweet or a direct message with just a link, or they’ll make an outrageous claim in the tweet, “someone is spreading rumours about you” was around a couple of years ago.

Why they exist

The people behind them want to steal your money, your identity or destroy your reputation.

What to do

Don’t click on links in messages or DMs that you’re uncertain about. Don’t fill in any passwords ever unless the URL of the site in the top bar is what you expect, so https://twitter.com/ for twitter. There are more suggestions on protecting yourself here.

As for the hackers stay alert, pay attention to credible warnings.

 

Louise McGregor Scam File

Catfish; Facebook Scam

I have a Facebook account, with my real name, real photo. I’ll connect to anyone I’ve met. From time to time I get invites from rather random people.  Somehow a lot the random people seem to be in the military.

Today’s invite was from John Carter. Here’s his Facebook profile.

Screen Shot 2016-01-12 at 11.32.36

So I did a little reverse image lookup and found an article from the Washington Post that begins.

Gen. John F. Campbell, the top U.S. general in Afghanistan, has taken to Facebook with a warning: Think twice before assuming profiles you see of him on the Internet are real.

It goes on to say that his team have discovered more than 700 fake profiles. General Campbell has his own Facebook page on which he explicitly states that he has no other profiles.

So what is this about? It’s the beginning of a catfish scam, an example of social engineering.

Social engineering is a technique used in many frauds, it relies on the fraudster persuading the victim into revealing confidential information or taking action that they wouldn’t have planned themselves. Often the fraudster creates an elaborate scenario to achieve this, and may create an online/social media persona to carry out the fraud. When a such a persona is created the fraud is know as “catfish”.

Steps in the catfish process;

  1. Catfish Scam Artist is active in a Facebook community or online game, seeking vulnerable target. Often they target someone who is older, lonely, isolated, not particularly knowledgeable about technology. They’re talented and picking the most gullible.
  2. Catfish builds rapport and makes friend request, the relationship may move to a deeper friendship or even a romantic or (cyber)sexual one.
  3. Catfish sets up scenario for the financial fraud to begin, they will create a legitimate sounding need for money. Perhaps for medical expenses for themselves or a close family member. Very often the first amounts needed are small but the ‘condition’ worsens and expenses rise.
  4. When challenged the Catfish will go on the defensive and provide some evidence of their fraud such as some form of medical report, but these “documents” are fake. (As a side note I have seen fake rental agreements, medical records, financial bonds, passports and ID documentation).

Dr Phil regularly does exposé episodes, and provides ten tips on checking potential catfish.

The fake romances can scam thousands or hundreds of thousands of dollars from their victims, in a further clip from the case above Dr Phil adds up the cost and gets a total approaching 200,000 USD. It is estimated that these fraud types are worth 82 million dollars in the US alone. That’s roughly a quarterly profit figure for Apple.

I’ve worked on cyber-security issues in a former job, I’m too suspicious to fall for this. I hope warning other people will help.

Image catfish via pixabay

Louise McGregor Scam File

Scam File; Asia Expats Guide still lying

I posted last week that Asia Expat Guides used fake testimonials on their website to which I got this rather interesting response.

Which is a fair point, sometimes people do look alike. I had a very confusing conversation with a woman in a hairdresser’s once, I was convinced she was a former colleague. Turns out, we’d never met.

This is not sixty of those cases. I’m not confusing a likeness, I am saying that Asia Expat Guides has copied photos from around the internet, invented names, and created a glowing review of their own services.

This is unfair on the people whose photos were stolen, it’s unfair on people considering Asia Expat Guides’ services; it’s lying, it’s fraud.

Here’s a slideshare of some of the ones I’ve identified so far, including the those Asia Expat Guides have removed. You’ll see a screenshot of the content Asia Expat Guides invented, alongside a screenshot of the image from the original site, with a link to that site.

Despite my blog post and tweets throughout last week, Asia Expat Guides continues to use photos of people assigning random names and endorsements to them. It’s clear that permission was not given. It’s also clear that they have done this knowingly, since they’ve removed the endorsements of some of people that I have pointed out.

But the fake testimonials remain, so I am presenting here a selection of the testimonials Asia Expat Guides publish with screenshots of the real person that I could track them down.

(If the slideshare isn’t presenting well on your screen, here’s the direct link; Scam File: Asia Expat Guides )

 

PostScript September 2018, Asia Expat Guides website is now offline

Louise McGregor Scam File

Scam File; Lying Testimonials Online

With more and more business being done online websites will often add customer testimonials to their sites, a real face and a real story add credibility.

Unless those testimonials are fake.

I recently received an email from Asia Expat Guides promoting their expat services, helping people relocate into Asia. I went to their site and started checking out their testimonials. First surprise – there were a lot of them; 64 in total. Seemed to be a wide range of people from lots of countries, but something about the sameness of the testimonials raised a red flag.

I found very little online using the names and information given so I started digging into the images; here’s where it got really interesting.

“Jeff” is really happy about the help he got moving to Vietnam, only he turns out to be John Franklin, of John Franklin Ministries, in Kentucky, USA.

“Eugene” has a lot of spare time now that the cleaning of his apartment is sorted out in Vietnam, so much so that he’s apparently started moonlighting as John Price, the Director of the International School Monaco. Hell of a Commute.

Ibrahim is finding it so much easier to get around in China and chat with his neighbours, luckily he found time for an interview, looks like the interviewer was confused though – he keeps calling him Samir Ahmed.

Jessica’s worked really to get this job and is loving the challenges and excitement of the expat life. It was a refreshing change from her job as Rosanne Paul, Real Estate agent.

I’ve checked every image from the testimonials, sixty of which I could track to a real name,  none of them match the information Asia Expat Guides provide.

Asia Expat Guides say they’ve helped hundreds of expats; if that’s true why couldn’t they find 5 or 6 real people to write a testimonial?

They also say they’ve been in business for four years. Four years – and the website domain was only registered this year?

I smell a rat. A big one.

 

PostScript September 2018, Asia Expat Guides website is now offline

Images;

cybercrime
all other images taken from Asia Expat Guides 07/08/13

Louise McGregor Scam File

YouTube and Fraud; they don’t care.

Right now there is a video hosted on YouTube that is part of a real estate scam.

How do I know this? Because the real estate scam uses my company’s name, and someone emailed me a complaint.

The scam works by posting an advertisement online offering an apartment in a great location at a low rental rate. If you respond you are asked to send two or three months rent/bond and promised the keys once the money is received. Of course the apartment doesn’t exist, and you will never see the keys. Or your money for that matter.

So I tried to alert YouTube to this legal problem, but because my company’s name does not appear in the video I alerted them to a scam. I sent my email in English. For some reason I got two responses in Dutch. Fine. I responded to one explaining that the video was part of a fraud, and attaching the original complaint email.

I got another answer in Dutch, telling me that YouTube has developed a number of channels where I can report an issue with a video. The option most closely matching my question is “For other potential abuse or security issues please visit our Abuse and Safety Center”

So I click on that option, which takes me to a set of country links… but only five countries. Which is weird, but the underlying information is about what spam/phishing are, than any tool to allow me to report an issue.

Report Spam and Phishing in US, Canada, UK, Australia and New Zealand

So I’ve tried twice to alert YouTube to a video that is part of a fraud, but it does not appear that a real person has read the emails or certainly no action has been taken. Meanwhile the video has got another two hundred views.

Of course I am taking responsibility for resolving this because there is a reputational issue for my company, but how can I get YouTube to take responsibility for what is also a reputational issue for them?

And for the 900+ viewers of the video, how many of them will lose money before YouTube wakes up and takes action?

post script one week later; video still there with 1322 views

post script one month later; video still there with 1705 views

post script June 2013; video still there with 1948 views, reporting system improved and incident reported once again.

post script September 2013; video still there with 2499 views, reporting system improved and incident reported once again. YouTube say 24 hour review. I’ve been trying this for almost a year.

Louise McGregor Scam File

Scam File; Advanced Fee Fraud or The Nigerian Scam

Anyone with email must have seen the forward fee fraud emails, promising you a large win in an email lottery – if only you’d pay these fees. They’ve become known as “Nigerian scams” or sometimes “419 scams” after the part of the Nigerian penal code that covers this fraud.

The format of the scam has a long and dishonorable history, starting well before the internet with a version known as the Spanish Prisoner.

The emails are typically poorly written, and most people ignore them. But not all – and in 2009 (the most recent credible report I can find) the estimated total amount of money defrauded was 9,387,810,000. That’s the low estimate. It’s equivalent to 2.9% of Nigeria’s GNP for the same year. It’s more than Apple’s revenue in 2009 – and they had significantly higher costs of operation.

So if the emails are so bad, in some cases laughably bad, who falls for it? Only the most gullible.

In fact the we’re asking this the wrong way around, it turns out that the scammers are deliberately creating emails that act as filters. The scammers are targetting those who are gullible and who have limited experience online, they therefore create emails that people with online experience will ignore. Even indicating the nationality “Nigerian” is done deliberately – to warn the non-gullible off. Which makes sense, if you’re a criminal on the internet lying about your name, some lottery or inheritance and producing fake documents showing the money in an account, telling the truth about your nationality has to serve some purpose.

image online fraud /Ivers McGraw CC BY-NC-ND 2.0

Louise McGregor Scam File

Scam File; domain names

There are hundreds of scams online. It’s a dangerous world out there. One recurring one is the email from some (fake) domain name agency, informing you that someone is claiming domain names in Asia and you need to Act Now to avoid missing out on these names which include your brand name. Sometimes they refer to spurious trademark or intellectual property legislation.

It’s a scam. You can safely delete the email.

I get a question about this roughly once a week, yet the scam has been around for years. So how can you be sure you’re not caught? What if you see a domain name they’re offering and you think you want it?

First thing is to make sure you are proactive on your domain name acquisition. This requires knowing your company’s brand names and global footprint, and combining that with some knowledge of risk around various domain name registrars. (We used CSC Global to help us figure this out). You should also decide how far down the track of protecting similar spellings you should go – Siemens may regret not buying Seimens.com for example, given how many people have trouble spelling their name.

If you do this, and keep up to date with changes in your company and in the domain name industry, you can be confident that you have the domain names you need for your business to run.

So when the email comes in trying to scare you into paying for domain names you’ll be able to confidently ignore it. This goes for small and large companies.

Very, very occasionally there might be a domain name in the list sent you that you want.  What should you do?

Nothing.

Wait a couple of weeks.

Acquire it yourself – it will still be available.